LDAP Group Expansion 0.4

From wiki.searchtechnologies.com
Jump to: navigation, search

For Information on Aspire 3.1 Click Here

Aspire / Aspire Components / Aspire LDAP Group Expansion

Aspire LDAP Group Expansion
Description: Provides methods to bind/authenticate and search over a LDAP server. If used as a pipeline stage, gets group information of a given user from a LDAP server.
Inputs: <username> containing the user name and with @dn attribute set to the user Distinguished Name (values normally provided by Aspire LDAP Proxy component).
Outputs: <groups> element containing the group names to which the given user is member of.

Includes nested groups. Groups are in the format:

<group source="ldap">groupName</group>

If the groups element was present, group names are appended to it.

Factory: aspire-ldap
Sub Type: default
Object Type: AspireObject

Description

This component will handle all the communication with the customer's LDAP server using Java API.

If used as a pipeline stage, will fetch user group information. Includes nested groups.

Configuration

Element Aspire version Type Default Description
host   string   LDAP server host address. Example: ldap//10.10.44.82:389.
authentication   string   Authentication type used for any LDAP request. Options are 'none', 'simple' and 'DIGEST-MD5'.
adminUser   int   Username used to authenticate against the given LDAP server. If 'none' authentication type was selected, you can ignore this.
adminPassword   string   Password used to authenticate against the given LDAP server. If 'none' authentication type was selected, you can ignore this.
searchBase   string   Base for directory searches. Normally this is the domain of the LDAP server.
lowerCase   string false Tells if group names retrieved from LDAP should be changed to lower case.

Example Configurations

<!-- This component will handle all the communication with the customer's LDAP server. If used as pipeline stage, will use Java API to do user group expansion -->
<component name="LdapConnector" subType="default" factoryName="aspire-ldap">
	<config>
		<!-- Path to the customer LDAP server -->
		<host>ldap://10.10.44.82:389</host>
		<!-- Authentication type.  Options are 'none', 'simple' and 'DIGEST-MD5' -->
		<authentication>simple</authentication>
		<!-- Default user credentials. Used when no other user was specified. -->
		<adminUser>contoso\carolt</adminUser>
		<adminPassword>pass@word1</adminPassword>
		<!-- Search base. Normally this is the distinguished name of the customers domain. -->
		<searchBase>dc=contoso, dc=com</searchBase>
	</config>
</component>